One of the things is always that you learn the most if things are not working, hence my question.
I don't have a real design per-se, but a quick text drawing:
Mikrotik RB960 BGP peer <-> Proxmox EVPN/BGP controller as peer -> vrf -> (vx)lans
192.168.88.1 AS=65530 192.168.88.249 AS=65530 (so iBGP)
I'm not certain if pasting in my entire Mikrotik config in here is useful, but this is the log entry I keep seeing repeated on the RB960:
The proxmox syslog shows this, for some reason this will not paste properly as code:
9:47:48 route,bgp,info TCP connection established 09:47:48 route,bgp,info RemoteAddress=192.168.88.249 09:47:48 route,bgp,error Received notification 09:47:48 route,bgp,error OPEN error: unsupported capability
Jul 01 09:45:55 <hostname> bgpd: [EC 33554451] 192.168.88.1 [Error] Configured AFI/SAFIs do not overlap with received MP capabilities Jul 01 09:45:55 <hostname> bgpd: %NOTIFICATION: sent to neighbor 192.168.88.1 2/7 (OPEN Message Error/Unsupported Capability) 12 bytes 01 04 00 01 Jul 01 09:45:55 <hostname> bgpd: [EC 33554451] bgp_process_packet: BGP OPEN receipt failed for peer: 192.168.88.1
This is how the RB960 is set up:
/routing bgp peer add address-families=ip,l2vpn disabled=no name=proxmox-epvpnctl1 \ remote-address=192.168.88.249 remote-as=65530 use-bfd=yes /routing bgp instance set default router-id=192.168.88.1
Bear with me regarding the bfd and address families
I changed the router ID from it's original 0.0.0.0. but reading the documentation this would normally not be needed.
I'm not advertising any networks from my RB960 to the proxmox (yet).
Editing the config in Proxmox is mainly GUI work, but as I wrote underneath is FRR which is stored here:
This config is why I specified the bfd and specific ip and l2vpn in the mikrotik, but that does not make a difference if I set that or leave default on the RB960.
root@<host>:~# cat /etc/frr/frr.conf log syslog informational ip forwarding ipv6 forwarding frr defaults datacenter service integrated-vtysh-config hostname <hostname> ! ! vrf vrf_evpnz1 vni 10000 exit-vrf ! router bgp 65530 bgp router-id 192.168.88.249 no bgp default ipv4-unicast coalesce-time 1000 neighbor VTEP peer-group neighbor VTEP remote-as 65530 neighbor VTEP bfd neighbor 192.168.88.1 peer-group VTEP ! address-family ipv4 unicast import vrf vrf_evpnz1 exit-address-family ! address-family ipv6 unicast import vrf vrf_evpnz1 exit-address-family ! address-family l2vpn evpn neighbor VTEP activate advertise-all-vni exit-address-family ! router bgp 65530 vrf vrf_evpnz1 ! address-family ipv4 unicast redistribute connected exit-address-family ! address-family ipv6 unicast redistribute connected exit-address-family ! address-family l2vpn evpn default-originate ipv4 default-originate ipv6 exit-address-family ! line vty
Some settings can only be done in this file and are not yet available in the Proxmox gui.
Kind of puzzled by this line:
Is there anything fundamentally wrong in this config? Or is the next step to start capturing packets and see what's actually inside there?
no bgp default ipv4-unicast
Best regards, and thanks in advance for any pointers,